Accellion FTA attacks, extortion attempts might be the work of FIN11
Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted …
data theft
Adversaries exploit supply chains, double down on COVID-19 and ransomware
Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests. eCrime attacks made up 79% of all …
Microsoft: Solorigate attackers grabbed Azure, Intune, Exchange component source code
Microsoft has completed its internal investigation about the Solorigate (SolarWinds) security incident, and has discovered that the attackers were very interested in the code …
Sealed U.S. court records possibly accessed by SolarWinds attackers
The Administrative Office (AO) of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds …
We got used to SMS notifications and phishers are capitalizing on it
A rising onslaught of phishing messages delivered via SMS (aka “smishing”) has been hitting mobile users around the world in the last few months. The fake messages …
The ransomware plague cost the world over $1 billion
Group-IB has presented a report which examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The most …
63 billion credential stuffing attacks hit retail, hospitality, travel industries
Akamai published a report detailing criminal activity targeting the retail, travel, and hospitality industries with attacks of all types and sizes between July 2018 and June …
Employees increasingly masking online activities
This year’s shift to a near 100% WFH workforce by the Global 5000 has significantly changed the behaviors of trusted insiders, a DTEX Systems report reveals. Key findings …
Biomedical orgs working on COVID-19 vaccines open to cyber attacks
In a recently released report by the UK National Cyber Security Centre (NCSC), whose findings have been backed by Canada’s Communications Security Establishment (CSE) and the …
Most global brands fail to implement security controls to prevent data leakage and theft
The global pandemic has seen the web take center stage. Banking, retail and other industries have seen large spikes in web traffic, and this trend is expected to become …
Magecart Group 8 skimmed card info from 570+ online shops
Your payment card information got stolen but you don’t know how, when and where? Maybe you shopped on one of the 570 webshops compromised by the Keeper Magecart group …
Duration of application DDoS attacks increasing, some go on for days
There were seven major application DDoS attacks over the previous month — two of which lasted 5-6 days, Imperva reveals. Additionally, the team found that 47% of account …
